(19) 



J 



Europaisches Patentamt 
European Patent Office 
Office europeen des brevets 



(11) 



EP1 538 619 A1 



(12) 



EUROPEAN PATENT APPLICATION 





LJdL6 Ul pUDIICdLIOn. 


/ir-i\ 1 4. /^i 7 f^A H D OA/An OACCT H ir\f\ 

(51) Intel/: Iji11b ^U/UU, CjiUbr 1/UU 




Uo.Ub.2UU5 DUlletin 2UU5/2o 


/OH \ 

(21) 


Application number: 03026637.3 






Rota rkf fill nn- iQ ii OnilQ 

uaie OT Tiling, is.ii.^uuo 




(84) 


Designated Contracting States: 


• Vollschwitz, Alexander, 




AT BE BG CH CY CZ DE DK EE ES Fl FR GB GR 


Sony IntM. (Europe) GmbH 




HU IE IT LI LU MC NL PT RO SE SI SK TR 


70327 Stuttgart (DE) 




Designated Extension States: 






AL LT LV MK 


(74) Representative: Korber, Martin, Dipi.-Phys. et al 






Mitscherllch & Partner, 


(71) 


Applicant: Sony International (Europe) GmbH 


Patent- und Rechtsanwaite, 




10785 Berlin (DE) 


Sonnenstrasse 33 






80331 iVIunchen (DE) 


(72) 


Inventors: 




• 


Terranova, Sabine, Sony Int'l. (Europe) GmbH 






70327 Stuttgart (DE) 





(54) Copy protected digital data 



< 

CD 

00 
CO 
LO 



(57) Conventionally, digital data comprise a passive 
part (2) comprising content (1) to be protected in en- 
crypted form, an active part (3) comprising information 
(4) how to decrypt the content (1 ) comprised in the pas- 
sive part (2] and a hidden part (6), wherein the active 
part (3) and the corresponding passive part (2) consti- 
tute an active content (8) and the hidden part (6) is al- 
located to the active content (8) and/or the active part 
(3) of the active content (8) and/or the passive part (2) 
of the active content (8), the hidden part (6) comprising 
infomnation (7) about properties of the respective active 
content (8) and/or respective active part (3) and/or the 
respective passive part (2). 

With said digital data it is a disadvantage that prior 
art solutions to provide copy protection are very uncom- 
fortable for a user since either a central database has 
to be accessed or a special hardware has to be provid- 
ed. 

Therefore, it is the object to provide copy protected 
digital data which uses combine a high level of copy pro- 
tection and a high user frankness. It is a further object 
to provide a method for reproducing said copy protected 
digital content. 

Accordingly, the active part (2) of the active content 
(8) additionally comprises rules (5) to allow and/or forbid 
decryption of the content (1) comprised in the passive 
part (2) of the active content (8) based on the information 
(7) comprised in the hidden part (6). 

Since neither a central database has to be ac- 
cessed nor a special hardware has to be provided, the 
above object is solved. 
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Description 

[0001] The present invention relatesto a copy protect- 
ed digital data comprising tine features of the preamble 
of independent claim 1 and to a recording medium com- 
prising a copy protected digital data according to one of 
the claims 1 to 21 . 

[0002] Furthermore, the present invention relates to 
a method of reproducing a copy protected digital data. 
[0003] Said digital data frequently is provided in the 
form of data files which are operable by an operating 
system of a reproducing apparatus, e.g. a personal 
computer, a CD-player or a DVD-player. When digital 
data is stored into said reproducing apparatus, the op- 
erating system usually creates a data set allocated to 
the respective data file, the data set comprising infor- 
mation about the storing location, the size and the stor- 
ing date of the data file. 

[0004] Illegal copies of digital data (e.g. music or vid- 
eo data, software, or databases) result in an extraordi- 
nary monetary damage both forthe owner of the respec- 
tive intellectual property and for the resellers and sup- 
port providers. 

[0005] In this respect it has to be emphasised that il- 
legal copies of digital data are not only created by the 
organised crime but also by ordinary users of e.g. per- 
sonal computers, CD writers or DVD writers. 
[0006] IVIaking copies of digital data and providing 
them in a perfect quality becomes easier since copy 
possibilities increase and copying programmes become 
more comfortable. Furthermore, the prices for recording 
media are decreasing. 

[0007] Therefore, the providers of digital data are 
searching for solutions to prevent manufacture and dis- 
tribution of illegally copied digital data. 
[0008] A first proposal to solve this problem is product 
activation which is frequently used with software prod- 
ucts: 

[0009] A software product using product activation 
automatically generates an individual product key 
based on a serial number of the product and a hardware 
identifier (e.g. the serial number of a processor used in 
a personal computer). 

[0010] This product key has to be send via the Internet 
or by telephone to a service centre which generates an 
activation key based on the product key and information 
stored in a central database provided at the service cen- 
tre. 

[001 1] To run the software product the activation key 
has to be input first. 

[0012] If a software product using this prior art tech- 
nology is copied to another personal computer, the ac- 
tivation key becomes invalid since the hardware identi- 
fier which was used as a basis to generate the individual 
product key necessarily has changed. In consequence, 
the activation key which was generated based on the 
individual product key does not longer apply. Thus, each 
time the software product is installed to a new personal 



computer or the hardware configuration is significantly 
changed, a separate activation procedure has to be per- 
formed to run the product. Since activation of a software 
product bearing a certain serial number is stored in the 
5 central data base at the service centre, it can be reliably 
avoided that a software product bearing a certain serial 
number is activated more often then allowed by the cor- 
responding license. Therefore, the use of illegal copies 
of the software product can be avoided. 
10 [0013] Another proposal to solve the above problem 
is disclosed in the US patent application no. 09/848,468 
(publication no. US 2002/0164047 A1). 
[0014] The system and method described therein 
bases on embedding and detecting a one-bit watermark 
15 In a digital content file. The digital watermark is a se- 
quence that is embedded into digital content but is im- 
perceptible when the content is played. A certificate as- 
sociated with said digital watermark has to be provided 
to allow copying and playback of the digital content. The 
20 certificate contains copyright information that indicates 
permissible used of the digital content file, e.g. the 
number of times the digital content file may be repro- 
duced. Usually, the certificate is stored in a central data 
base accessible via the Internet, for example. The wa- 
25 termark is virtually non-removable from the content, 
meaning that if the watermark is removed, the percep- 
tual quality of the digital content is significantly altered. 
[0015] A further prior art solution to solve the above 
problem is disclosed in the US application no. 
30 09/847,81 3 (publication no. US 2002/0087883 A1 ). 
[0016] The proposed process for preventing the pri- 
vacy of application programs resident on a server and 
remotely accessed across a computer network by a cli- 
ent system in a computer environment comprises the 
35 steps of providing a network file system on said client, 
wherein said network file system handles and forwards 
all requests from local processes on the client that are 
directed at application program files located on said 
server. Said file system examines each of said requests 
40 and either grants or denies each of said requests de- 
pending on whether the request is justifiable from a se- 
curity perspective by using information that includes the 
nature of the originating process, the history of previous 
accesses by the process, and/or the section of the target 
45 file being requested. Furthermore, a network redirector 
component of said network file system is provided, 
wherein said network redirector component makes vis- 
ible to said network file system a path that represents 
the server where said application program files are 
50 stored. 

[0017] According to a further prior art approach, a 
special hardware (e.g. "dongle") has to be attached to 
a personal computer to activate a software product. 
[0018] It is a disadvantage with the above described 
55 prior art solutions that they are very uncomfortable for 
a user since either a central database has to be ac- 
cessed or a special hardware has to be provided. 
[001 9] Therefore, it is the object of the present inven- 
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tion to provide copy protected digital data whicli com- 
bines a liigh level of copy protection and a higli user 
frankness. It is a further object of the present invention 
to provide a nnethod for reproducing said copy protected 
digital data. 

[0020] The above object is solved in a copy protected 
digital data comprising the features of the preamble of 
independent claim 1 by the features of the characteris- 
ing part of claim 1 . 

[0021] Furthermore, the above object is solved by a 
method comprising the features of independent claim 
23. 

[0022] According to the present invention a copy pro- 
tected digital data comprises a passive part comprising 
content to be protected in encrypted form, an active part 
comprising information how to decrypt the content com- 
prised in the passive part and a hidden part, wherein the 
active part and the corresponding passive part consti- 
tute an active content, the hidden part is allocated to the 
active content and/orthe active part of the active content 
and/or the passive part of the active content, the hidden 
part comprising information about properties of the re- 
spective active content and/or respective active part 
and/orthe respective passive part and the active part of 
the active content additionally comprises rules to allow 
and/or forbid decryption of the content comprised in the 
passive part of the active content based on the informa- 
tion comprised in the hidden part. 
[0023] Thus, the inventive copy protected digital data 
does not prevent the copying of the digital data itself, 
but controls decryption of encrypted content comprised 
in said digital data. In consequence, reproduction of said 
copy protected digital data is limited. 
[0024] A hidden part of the copy protected digital data 
which is allocated to the active content is provided by 
the file system of each conventional operating system 
to allow addressing of the active content. Therefore, 
said hidden part meets the standards of the respective 
operating system. According to the present invention, 
properties of the respective active content and/orthe re- 
spective active and/or passive part of the copy protected 
digital data (e.g. storing location of the copy protected 
digital data, creation time of the copy protected digital 
data, time of last access / modification of copy protected 
digital data etc.) comprised in said hidden part are used 
for copy protection. Thus, no specialised hardware or 
central database has to been provided. No user input is 
necessary. In consequence, the inventive copy protect- 
ed digital data is very user-friendly. 
[0025] Furthermore, said hidden part usually is invis- 
ible for a user and thus hardto manipulate, Consequent- 
ly, the inventive copy protected digital data provides a 
high level of copy protection. 

[0026] Advantageously the active part is adapted to 
read out the information comprised in the respective hid- 
den part, to compare said information with the rules and 
to perform or deny decryption of the content comprised 
in the passive part based on a comparison result. 



[0027] Since control of the copy protection provided 
by the copy protected digital data is performed by the 
active part only, no specialised software or hardware or 
operating system has to be provided. Furthermore, both 

5 the read out operation and the comparison operation are 
simple and consume very few processor time. 
[0028] Preferably, the active part of the active content 
is adapted to permanently deny decryption of the con- 
tent comprised in the passive part of the active content 

10 if the information comprised in the hidden part does not 
comply with the rules of the active part. 
[0029] Thus, once a manipulation of the copy protect- 
ed digital data is detected, the illegal copy can be made 
unusable. 

15 [0030] Since the copy protected digital data usually is 

adapted to be reproduced plural times it is preferred that 
the active part further comprises information how to en- 
crypt the content comprised in the passive part. 
[0031 ] By encrypting the content after reproduction by 
20 use of the active part, a manipulation of said encryption 
is hard to perfonTi since no separate encryption means 
are used. 

[0032] According to a preferred embodiment of the 
present invention, based on a request to reproduce the 
25 content comprised in the passive part, the active part is 
further adapted to perform decoding and/or reproduc- 
tion of decrypted content after decryption of the content 
comprised in the passive part. 

[0033] Thus, the reproduction of the copy protected 
30 digital data can be performed by itself. I n conseq uence, 
no separate player (which might be manipulated to over- 
come the copy protection) is needed. IVIoreover, user 
friendliness is further enhanced. 
[0034] Preferably, the active part is adapted to com- 
35 pletely load and delete the passive part, to decrypt and 
reproduce the content comprised in the loaded passive 
part, to encrypt the decrypted content after reproduction 
and to store the encrypted content into a new passive 
part. 

40 [0035] In this respect, it is beneficial if the active part 
is adapted to perform loading, deletion, decryption, en- 
cryption and storing of the content comprised in the pas- 
sive part in real time during reproduction of the content 
comprised in the passive part. 
^5 [0036] Thus, at no time during a reproduction opera- 
tion a complete data set of encrypted content is provid- 
ed. Therefore, even during reproduction of the copy pro- 
tected digital data a high level of copy protection is main- 
tained. 

50 [0037] Advantageously, the active part is adapted to 
store the new passive part together with an adapted ac- 
tive part into a new active content. 
[0038] By storing the new passive part into a new ac- 
tive content each time reproduction is performed, it is 
55 guaranteed in a very easy way that a correspondingly 
amended hidden part automatically is generated by an 
operating system which is used to perform said repro- 
duction under control of the active part. 
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[0039] Favourably, the active part is adapted to auto- 
matically amend itself to build an amended active part 
each time decryption and/or encryption of the passive 
part is performed. 

[0040] Thus, as well the active content as well the ac- 
tive part as well the passive part as well the hidden part 
of the copy protected digital data automatically can be 
amended each time reproduction of the copy protected 
digital data is performed. This mal<es it very hard to over- 
come the inventive copy protection. 
[0041] It is profitable if the active part is a tamper re- 
sistant software to avoid manipulation of the active part. 
[0042] Preferentially, the rules comprised in the active 
part comprise information how often the content com- 
prised in the passive part is allowed to be decrypted and 
how often the content comprised in the passive part has 
already been decrypted. 

[0043] Alternatively or additionally, the rules com- 
prised in the active part may comprise information how 
long the content comprised in the passive part is allowed 

to be decrypted. 

[0044] It is further advantageous, if the rules com- 
prised in the active part comprise information how often 
the content comprised in the passive part is allowed to 
be lend and how often the content comprised in the pas- 
sive part has already been lend. 
[0045] As the active part and the passive part consti- 
tute an active content it is preferred that said active con- 
tent constitutes a unitary data file operable by an oper- 
ating system. 

[0046] Furthermore, it is preferred that based on a re- 
quest to decrypt and/or playback the content comphsed 
in the passive part, the active part is adapted to separate 
the passive part from the active content for decryption 
of the content comprised in the passive part. 
[0047] Thus, the active part and the passive part can 
be operated separately by the operating system under 
control of the active part. 

[0048] Favourably, the hidden part automatically is al- 
located to the active content and/or the active pari: of the 
active content and/or the passive part of the active con- 
tent by an operating system. 

[0049] Thus, e.g. the windows file system (NTFS) can 

be used to automatically generate the hidden part which 
is allocated to the active content and thus to both the 
active part and the passive part. 

[0050] It is preferred that the hidden part is stored in 
a system file (e.g. master table file) of an operating sys- 
tem since such a system file is invisible for a user. 
[0051] Although the hidden part might be stored in de- 
crypted form, for security reasons it is preferred to store 
the hidden part in encrypted form which might be envis- 
aged by the respective operating system. 
[0052] Advantageously, the hidden part further com- 
prises information about the location of the active con- 
tent and/or active part and/or passive part. 
[0053] According to a preferred embodiment of the 
present invention the information comprised in the hid- 



den part automatically is changed by an operating sys- 
tem to build an amended hidden part each time the ac- 
tive content and/or the active part of the active content 
and/or the passive part of the active content and/or the 
5 content comprised in the passive part of the active con- 
tent is read out and/or amended and/or stored. 
[0054] This is the standard with most operating sys- 
tems. 

[0055] Favourably, the encrypted content comprised 
10 in the passive part is digitised audio data and/or digitised 
video data and/or digitised picture date and/or a data- 
base and/or a software and/or digitised text. 
[0056] The copy protected digital data according to 
one of the claims 1 to 21 preferably may be comprised 
15 in a recording medium or in a consumer electronic de- 
vice or in a personal computer capable of downloading 
digital data. 

[0057] Furthermore, the above object is solved by a 
method of reproducing a copy protected digital data 
20 comprising 

a passive part comprising content to be protected 
in encrypted form; 

an active part comprising information how to de- 
25 cryptthe content comprised in the passive part; and 
a hidden part; 

wherein 

the active part and the corresponding passive part con- 
30 stitute an active content, 

the hidden part is allocated to the active content and/or 
the active part of the active content and/or the passive 
part of the active content, the hidden part comprising 
information about properties of the respective active 
35 content and/or respective active part and/or the respec- 
tive passive part, and 

the active part of the active content further comprises 
rules to allow and/or forbid decryption of the content 
comprised in the passive part of the active content 
40 based on the infonnation comprised in the hidden part; 
the method comprising the following steps: 

reading out the information comprised in the hidden 
part of the copy protected digital data; 
45 - comparing said information with the rules com- 
prised in the corresponding active part of the active 
content; 

denying decryption of the content comprised in the 

passive part of the active content if the information 
50 read out from the hidden part does not comply with 
the rules and terminating the method; 
loading the encrypted content comprised in the pas- 
sive part of the active content if the information read 
out from the hidden part complies with the rules; 
55 - performing decryption of the encrypted content; and 
reproducing decrypted content. 

[0058] According to a preferred embodiment of the in- 
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ventive method, the method further comprises the steps 
of deleting the passive part, encrypting the decrypted 
content after reproduction and storing the encrypted 
content into a new passive part. 
[0059] In this respect it is preferred that the step of 
reproducing the decrypted content, the step of deleting 
the passive part and the step of encrypting the decrypt- 
ed content after reproduction are performed in real time 
during reproduction of the decrypted content. 
[0060] Favourably, the method further comprises the 
step of automatically amending the hidden part by con- 
trol of an operating system to built an amended hidden 
part each time the active content and/or the active part 
of the active content and/or the passive part of the active 
content and/orthe content comprised in the passive part 
of the active content is read and/or amended and/or 
stored. 

[0061] Furthermore, it is beneficial if the method fur- 
ther comprises the steps of automatically amending the 
active part of the active content by control of the active 

part of the active content to build an amended active 
part each time decryption of the content comprised in 
the passive part is performed, 

[0062] Moreover, the above object is solved by a soft- 
ware product comprising a series of state elements 
which are adapted to be processed by a data processing 
means such, that a method according to one of the 
claims 23 to 27 may be executed thereon. 
[0063] In the following detailed description, the 
present invention is explained by reference to the ac- 
companying drawings, in which like reference charac- 
ters refer to like parts throughout the views, wherein: 

Fig. 1 shows a block diagram of a copy protected dig- 
ital data according to a preferred embodiment 
of the present invention; 

Fig. 2 schematically shows a recording medium 
comprising the copy protected digital data of 

Fig. 1; 

Fig. 3 shows a block diagram to explain reproduction 
of the copy protected digital data according to 
the preferred embodiment of the present in- 
vention; and 

Fig. 4 shows a flow diagram of the inventive method 
for reproducing a copy protected digital data. 

[0064] Fig. 1 shows a block diagram of a preferred 
embodiment of copy protected digital data according to 
the present invention. 

[0065] Said copy protected digital data comprises a 
passive part 2 and an active part 3. Both the active part 
3 and the passive part 2 together constitute an active 
content 8 which is a data file operable by an operating 
system 9 of a data reproducing apparatus. 
[0066] I n the present embodiment, the data reproduc- 



ing apparatus is a personal computer (not shown) and 
the operating system 9 is a "NT File System" (also called 
"New Technology File System") NTFS which is running 
on the personal computer. The NTFS stores file relevant 

5 information (file properties) either as resident attributes 
in a "IVI aster File Table" MFT or as non-resident at- 
tributes separately from the MFT in runs or extends. It 
is well understood that alternatively any operating sys- 
tem other than the NTFS might be used. 

10 [0067] Alternately, the data reproducing apparatus 
might be for example a CD or DVD recorder or a digital 
video recorder or a MP3-player. In this case, the oper- 
ating system would be the software of the respective 
controller or an embedded operating system. 

15 [0068] An encrypted digital content 1 is comprised in 
the passive part 2 of the active content 8. In the present 
embodiment, said content is a MP3 file comprising dig- 
itised audio data (music). 

[0069] Alternatively, said encrypted content 1 might 
20 be digitised video data, digitised picture data, digitised 
text data (e-book), a data base or a software. It is obvi- 
ous that said content 1 even might be a mix of different 
kinds of digital or digitised data which might be provided 
in any known or future format e.g. MPEG, JPEG/BMP, 
25 etc.. 

[0070] Since the content 1 is comprised in the passive 
part 2 in encrypted form, it is not possible to read out or 
to reproduce the information comprised in the content 1 
from the passive part 2 without decryption. Thus, the 
30 passive part 2 comprises the "raw" information and does 
not comprise information how to read or reproduce said 
information. 

[0071 ] The active part 3 comprises information 4 how 
to decrypt the content 1 comprised in the passive part 
35 and infonnation 4' how to encrypt decrypted content 1 ' 
received by decrypting the content 1 comprised in the 
passive part 2. 

[0072] Furthermore, the active part 2 comprises rules 
5 to allow and/or forbid decryption of the content 1 com- 
40 prised in the passive part 2 based on information 7 com- 
prised in a hidden part 6 provided under control of a op- 
erating system 9. 

[0073] In the present embodiment, said rules 5 com- 
prise internal information 5' how often the content 1 
45 comprised in the passive part 2 is allowed to be decrypt- 
ed and how often the content 1 has already been de- 
crypted by the active part 3, information 5" for which time 
period the content 1 is allowed to be decrypted and for 
which time period the content 1 has already been de- 
50 crypted by the active part 3 and information 5"' how often 
the content 1 is allowed to be lend and how often the 
content 1 has already been lend. The Information 
5'" how often the content 1 comprised in the passive part 
2 has already been lend can be received e.g. by logging 
55 the different hardware characteristics of the reproducing 
apparatus the active content 8 has already been stored 
to. 

[0074] It is evident that further rules and internal infor- 
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mation (e.g. size, frequency of accesses of the passive 
part 2 etc.) to allow and/or forbid decryption of tine con- 
tent comprised in the passive part based on information 
comprised in a hidden part might be provided in the ac- 
tive part. 

[0075] Thus, the active part 3 compares the informa- 
tion 7 comprised in the hidden part 6 with the internal 
information 5, 5', 5" etc. and decides based on the rules 

5 by using the comparison result whether it is possible 
to decrypt the passive part 2 of the active content 8 or 
not. 

[0076] Moreover, the active part 3 is adapted to per- 
form decoding and reproduction of decrypted content 1' 
which is generated by decryption of the content 1 com- 
prised in the passive part 2. Thus, the active part 3 ad- 
ditionally knows how to play back the passive part 2. 
[0077] In the present embodiment, the active part 3 
consequently comprises a player for l\/IP3 files. There- 
fore, in addition to the active part 3 no additional soft- 
ware is required (except the operating system) to repro- 
duce the information comprised in the passive part 2. 
However it is possible to have the player itself or part of 
it external to the active content. 

[0078] To avoid a manipulation of the active part 3, the 
active part is provided as a tamper resistant software 
(see e.g. D. AUCSMITH "Tamper Resistant Software: 
an Implementation" and the essay "The Encoder Solu- 
tion To Implementing Tamper Resistant Software" by J. 
R. NICKERSON, ST. CHOW, H.J. JOHNSON, and Y. 
GU). 

[0079] In the present embodiment, the hidden part 6 
is allocated to the active content 8 and thus to both the 
active part 3 and the passive part 2. 
[0080] Alternatively, the hidden part might be allocat- 
ed to the active part and/or the passive part, only. 
[0081] The information 7 comprised in the hidden part 

6 relates to properties of the active content 8 and thus 
to properties of both the active part 3 and the respective 
passive part 2. In the present example, said properties 
comprise creation time of the active content 8, time of 
last modification or time of last access of the active con- 
tent 8, storing location of the active content 8 and size 
of the active content 8. 

[0082] In the present embodiment, the hidden part 6 
is stored in the Master Table File MTF 10 of the NTFS 
operating system 9. Thus, the hidden part 6 is not di- 
rectly attached to the active content 8 in a literal sense 
but stored with the system files of the operating system 
9 onto a hard disc. 

[0083] It is obvious that said hidden part 6 alternative- 
ly might be stored in another suitable system file of the 
respective operating system or as a file extension to- 
gether with the active content and/or active part and/or 
passive part. Further alternatively, the hidden part might 
be stored in runs of the active content comprising the 
active part and the passive part. 
[0084] Moreover, said system files of the operating 
system alternatively might be stored on an arbitrary port- 



able volume, e.g. a changeable hard disc or a floppy 
disc. In case of a changeable hard disc or floppy disc 
said system file is e.g. a leading track comprising the 
file structure of the respective volume. Thus, said file 

5 structure is not necessarily a physical part of the oper- 
ating system, but has to comply with the requirements 
of the respective operating system, only. Furthermore, 
the hidden part stored in the file system has to be allo- 
cated to the respective active content and thus to the 

10 respective active part and/or passive part of the copy 
protected digital content. Moreover, the active part has 
to comprise information where the respective hidden 
part is located and how it is read out. 
[0085] The hidden part is not directly visible to a user 

15 because to its relation to the operating system 9 and is 
written according to the standards of the respective op- 
erating system 9 (in the present embodiment the NTFS 
standard). 

[0086] Although the hidden part 6 might not be store 
20 in encrypted form, according to an alternative embodi- 
ment, the operating system automatically encrypts the 
hidden part for security reasons (either separately or to- 
gether with other sensible system files). 
[0087] The above described copy protected digital da- 
25 ta may be stored onto a recording medium 11 as it is 
shown in Fig. 2. In the present example, a DVD is 
shown. Alternatively, the recording medium may be a 
hard disk, a CD or a floppy disk, for example. 
[0088] The active and passive part of the copy pro- 
30 tected digital data are stored together as an uniform ac- 
tive content in the data storing area of the portable vol- 
ume. The hidden part is stored either in the system file 
in the system file area of the portable volume, wherein 
the system file meets the standards of the operating sys- 
35 tem the portable volume is intended for, or as a file ex- 
tension or runs together with the active content and/or 
active part and/or passive part in the data storing area 
of the portable volume. The active content and the hid- 
den part might even be stored to different volumes pro- 
40 vided there is a clear allocation between the hidden part 
and the respective active content which is recognised 
both by the operating system and the respective active 
part of the active content. 

[0089] In case of a read only portable volume which 
45 allows direct pi ay back of the copy protected digital data, 
the information comprised in the hidden part and the cor- 
responding rules comprised in the active part are con- 
stant and permanently written onto the portable volume 
by a manufacturer of the copy protected digital data. 
50 Since the information comprised in the rules of the active 
part of the active content can not be changed, said in- 
formation and rules have to be chosen in a suitable way 
(e.g. decryption of passive part is allowed till a certain 
date). 

55 [0090] In case installation of the copy protected digital 
data from a first volume (e.g. a floppy disc, DVD or CD 
or the Internet) onto a second volume e.g. a hard disc 
is allowed by the rules comprised in the active part of 
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the copy protected digital data, a new hidden part which 
is allocated to the active content and/or active part and/ 
or passive part stored onto the second volunne autonnat- 
ically is generated by the respective operating system. 
In line with the rules connprised in the active part stored 
onto the first volume and the corresponding Information 
comprised in the hidden part stored onto the first vol- 
ume, the rules and internal information comprised in the 
active part stored onto the second volume automatically 
are amended to correspond to the new hidden part un- 
der control of the active part stored onto the first volume. 
[0091] In this respect, if the first volume is a recorda- 
ble volume, during or after installation of the copy pro- 
tected digital data the active content and/or active part 
and/or passive part automatically might be amended un- 
der control of the active part stored onto the first volume 
which necessarily results In a corresponding amend- 
ment of the respective hidden part stored onto the first 
volume under control of the respective operating sys- 
tem. Alternatively, the active part might be adapted to 
actively amend the hidden part. 

[0092] Thus, it is guaranteed that each installation 
procedure is recognised by the inventive copy protected 
digital data and thus can be allowed or den led according 
to predetennined rules stored In the active part. 
[0093] In the following, the function of the above de- 
scribed copy protected digital data and a preferred 
method for reproducing the copy protected digital data 
are explained by reference to Figs. 3 and 4. 
[0094] In this preferred embodiment, the active part 3 
is adapted to read out the information 7, 7' comprised in 
the hidden part 6 of the copy protected digital data. Said 
hidden part 6 is stored in the Master Table File 1 0 of the 
operating system 9. This reading operation is perfonned 
by the operating system 9 under control of the active 
part 3 in a first step S1 . 

[0095] Furthermore, the active part 3 is adapted to 
compare said information 7, T with the rules 5', 5" and 
5"" comprised in the active part 3 in step S2. 
[0096] If the information 7, 7' does not comply with the 
rules 5', 5" and 5"' (e.g. the creation time or time of last 
modification of the active content 8 which is stored in 
the hidden file does not correspond to the creation time 
or time of last modification of the active content 8 stored 
as an internal information in the active part 3, respec- 
tively), it is supposed that an illegal copy has been de- 
tected. In consequence, decryption of the content 1 
comprised in the passive part 2 is denied by the active 
part 3 in step S3 and the method for reproducing copy 
protected digital data is terminated. 
[0097] Alternatively the illegal copy might be identi- 
fied by a difference in storage location of the active con- 
tent 8 or a difference In size of the active content 8, for 
example. Further alternatively, the number of different 
reproducing apparatus the copy protected digital con- 
tent can be installed to (corresponding to a maximum 
number of possible lends) might be exceeded. 
[0098] If appropriate, the active part 3 additionally 



might be adapted to amended the passive part 2 in a 
way that a decryption of the content 1 comprised in the 
passive part 2 becomes permanently impossible to per- 
manently make the Illegal copy unusable and thus to 
5 permanently deny decryption of the content 1 comprised 
in the passive part 2. 

[0099] in case the information 7, T complies with the 
internal information stored in the active part 3 and thus 
meets rules 5', 5" and 5"', the active part 3 is further 
^0 adapted to perfonn decryption of the content 1 com- 
prised in the passive part 2. 

[0100] To pertorm said decryption It can be appropri- 
ate that the active part 3 is adapted to firstly completely 
load the active content 8 and to separate the passive 
^5 part 2 and the active part 3 from the active content 8 
based on a request to reproduce the content 1 com- 
prised in the passive part 2. 

[0101] in the following step S4 the active part 3 com- 
pletely loads the encrypted content 1 comprised in the 
20 passive part 2. 

[0102] Afterwards (step 85) the active part 3 decrypts 
the content 1 comprised in the passive parts 2 to build 
a decrypted content 1' by using the information 4 how 
to decrypt the content 1 which is stored in the active part 
25 3. 

[0103] Following decryption, the decrypted content 1 ' 
is reproduced by the active part 3 in step S6. 
[0104] During the reproduction, a return (feedback) 
channel between a user and the active part 3 is provided 
50 which notifies the active part 3 about what a user did or 
wants to do. This return channel is necessary if e.g. a 
user wants to stop reproduction of the content 1 com- 
prised in the passive part 2. In this case, the active part 
3 has to decide based on his rules 5 whether the user 
35 is allowed to resume reproduction or to reproduce the 
complete content 1 once again. In this case, the original 
passive part 2 would have to be reconstructed under 
control of the active part 3 or a new passive part 2* would 
have to be generated under control of the active part 3. 
40 Preferably, the original name of the passive part is main- 
tained. 

[0105] Since the reproduction of the inventive copy 
protected digital data is perfonned by itself, no separate 
player (which might be manipulated to overcome the 
^5 copy protection) is needed and thus user friendliness is 
further enhanced. 

[0106] Immediately after reproduction of a fraction of 
the decrypted content 1', the active part 3 encrypts the 
decrypted content 1 ' in step S8 by using infomnation 4' 
50 stored in the active part 3. 

[0107] By encrypting the content immediately after re- 
production under control of the active part 3, a manipu- 
lation of said encryption is hard to perform since no sep- 
arate encryption means are needed. 
55 [0108] Said encrypted content 1 is stored in step S9 
into a new passive part 2*. 

[0109] When performing steps S5, S6, S8 and S9, in 
the meantime the active part 3 deletes the passive part 
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2 in the parallel step S7. 

[0110] Thus, when reproduction is perfornned, the 
loading, decryption, reproduction, encryption and stor- 
ing of the content 1 comprised in the passive part 2 is 
perfornned in real time. Bits comprised in the passive 
part 2 which have been decrypted Immediately are re- 
produced and immediately are encrypted after repro- 
duction and stored into a new data file as a new passive 
part 2*. Fractions of the passive part 2 which have al- 
ready been reproduced are deleted immediately after 
reproduction. In this respect it is preferred that the orig- 
inal name of the passive part 2 is maintained. 
[0111] Since loading, deletion, decryption, encryp- 
tion, and storing of the content 1 comprised in the pas- 
sive part 2 are performed in real time by the active part 
3, at no time of the reproducing operation a completed 
data set of encrypted content 1 ' is provided. Therefore, 
even during reproduction of the copy protected digital 
data a high level of copy protection is maintained. 
[01 1 2] By storing the reproduced and encrypted con- 
tent 1 into a new passive part 2* (which might be com- 
prised in a new or modified active content) each time 
reproduction is performed, the operating system 9 au- 
tomatically allocates a new / an amended hidden part 
6* to the new passive part 2* (or the active content com- 
prising the new passive part) in the following step S1 0. 
Thus, the property information of the passive part 2, 2* 
comprised in the hidden part 6* automatically is 
changed each time the content 1 comprised in the pas- 
sive part 2, 2* is reproduced. It has to be stressed that 
the hidden part 6 alternatively might be amended under 
control of the active part 3 each time the passive part is 
read out or changed due to a reproducing or copying 
operation. 

[0113] After completion of the reproducing operation, 
the active part 3 is adapted to automatically amend itself 
and to update the rules 5', 5" and 5"' to build an amend- 
ed active parts* comprising amended rules 5*', 5*" and 
5*"' (in step S11). 

[0114] To additionally enhance security of copy pro- 
tection, even the information 4 how to decrypt the con- 
tent 1 comprised in the passive part 2* and the informa- 
tion 4' how to encrypt decrypted content 1 comprised in 
the passive part 2* may be modified under control of the 
active part 3, 3* each time reproduction is performed. 
[0115] In consequence, after reproduction the active 
content 8* is different from the active content 8 before 
reproduction. To provide maximum security, as well the 
active part 3 as well the passive part 2 as well the hidden 
part 6 automatically are amended after reproduction 
each time reproduction of the copy protected digital data 
is performed. This makes it very hard to overcome the 
inventive copy protection. 

[0116] It is evident that an amendment of the active 
part and/or the passive part and/or the hidden part re- 
quires that the respective part is stored onto recordable 
volume. 

[0117] According to a second embodiment which is 



not shown in the figures, the active part and the passive 
part do not constitute an active content and thus might 
be separate data files operable separately by the re- 
spective operating system. Thus, the active part and the 

5 passive part do not necessarily have to be stored in 
physical vicinity to one another. In this case, the active 
part comprises information where the passive part is lo- 
cated or receives said information from a file system of 
the operating system. 

10 [0118] It is well understood that alternatively the hid- 
den part might be amended by the operating system 
with or without control of the active part each time the 
active part and/orthe passive part and/orthe active con- 
tent is read and/or amended and/or stored. Further- 

15 more, it is obvious that the file system of the respective 
operating system where the hidden part is stored to 
might be the file system of a CD, DVD or floppy disc, for 
example. 

[0119] In summary, the present invention bases on 
20 the principle not to prevent copying of digital data itself 
but to control decryption of content comprised in said 
digital data and in consequence to allow or forbid the 
reproduction of a copy protected data file by using the 
properties of the file system of the respective operating 
25 system. 

[0120] Normally, digital data cannot track how often it 
was copied of if it was moved from one location to an- 
other location. 

[0121] This is recognised as file properties by the file 
30 system of a respective operating system: 

[0122] A hidden part allocated to the copy protected 
digital data is provided by each conventional file system 
to allow addressing of the data. File system reader like 
the Windows Explorer are adapted to display some of 
35 said properties but do not allow modification of said in- 
formation. The hidden part (which is invisible for a user) 
stores the properties of the copy protected digital data 
and provides them to the active part. In this respect, the 
hidden part preferably notices any slight modification of 
40 the active content and/or the active part and/or the pas- 
sive part. 

[0123] Furthermore, said hidden part meets the 
standards of the respective operating system. Thus, no 
specialised hardware or central database has to been 

45 provided. No user input is necessary. In consequence, 
the inventive copy protected digital data is very user- 
friendly. Furthermore, said hidden part usually is invisi- 
ble for a user and thus hard to manipulate. Therefore 
the inventive copy protected digital data provides a high 

50 level of copy protection. 

[0124] The active part evaluates the properties pro- 
vided by the hidden part and allows or denies reproduc- 
tion of the passive part. Thus, the active part reacts on 
modifications noticed by the hidden part. Since control 

55 of the copy protection provided by the copy protected 
digital data is performed by the active part, only, no spe- 
cialised software or hardware or operating system has 
to be provided. Furthermore, both the read out operation 
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and the comparison operation are simple and consume 
very few processor time. 

[01 25] Moreover, the above object is solved by a soft- 
ware product comprising a series of state elements 
which are adapted to be processed by a data processing 
means such, that the above described method may be 
executed thereon. 



Claims 

1 . Copy protected digital data comprising 

a passive part (2) comprising content (1) to be 
protected in encrypted form; 

an active part (3) comprising information (4) 
how to decrypt the content (1 ) comprised in the 
passive part (2); and 
a hidden part (6); 

wherein 

the active part (3) and the corresponding passive 
part (2) constitute an active content (8) and 
the hidden part (6) is allocated to the active content 
(8) and/or the active part (3) of the active content 
(8) and/or the passive part (2) of the active content 
(8), the hidden part (6) comprising information (7) 
about properties of the respective active content (8) 
and/or respective active part (3) and/or the respec- 
tive passive part (2); 
characterised in that 

the active part (2) of the active content (8) addition- 
ally comprises rules (5] to allow and/or forbid de- 
cryption of the content (1) comprised in the passive 
part (2) of the active content (8) based on the infor- 
mation (7) comprised in the hidden part (6). 

2. Copy protected digital data according to claim 1 , 
characterised in that 

the active part (3) is adapted to 

read out the information (7) comprised in the 

respective hidden part (6), 

compare said information (7) with the rules (5) 

and 

perform or deny decryption of the content (1) 
comprised in the passive part (2) based on a 
comparison result. 

3. Copy protected digital data according to claim 1 or 

2, 

characterised in that 

the active part (3) of the active content (8) is adapt- 
ed to permanently deny decryption of the content 
(1) comprised in the passive part (2) of the active 
content (8) if the information (7) comprised in the 
hidden part (6) does not comply with the rules (5) 
of the active part (3). 



4. Copy protected digital data according to claim 1 ,2 
or3, 

characterised in that 

the active part (3) further comprises information (4') 
5 how to encrypt decrypted content (1 '). 

5. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 
10 the active part (3) is further adapted to perform de- 
coding and/or reproduction of decrypted content (1 ') 
after decryption of the content (1) comprised in the 
passive part (2). 

15 6. Copy protected digital data according to one of the 
preceding claims, 
characterised in that 

the active part (3) is adapted to completely load and 
delete the passive part (2), to decrypt and repro- 
20 duce the content (1) comprised in the loaded pas- 
sive part (2), to encrypt the decrypted content (1') 
after reproduction and to store the encrypted con- 
tent (1) into a new passive part (2*). 

25 7. Copy protected digital data according to claim 6, 
characterised in that 

the active part (3) is adapted to perform loading, de- 
letion, decryption, encryption and storing of the con- 
tent (1 ) comprised in the passive part (2) in real time 
30 during reproduction of the content (1 ) comprised in 
the passive part (2). 

8. Copy protected digital data according to claim 6 or 

7, 

35 characterised in that 

the active part (3) is adapted to store the new pas- 
sive part (2*) together with an adapted active part 
(3) into a new active content (8*). 

40 9. Copy protected digital data according to one of the 
preceding claims, 
characterised in that 

the active part (3) is adapted to automatically 
amend itself to build an amended active part (3*) 
45 each time decryption and/or encryption of the pas- 
sive part (2) is perfonned. 

10. Copy protected digital data according to one of the 
preceding claims, 

50 characterised in that 

the active part (3) is a tamper resistant software. 

1 1 . Copy protected digital data according to one of the 
preceding claims, 

55 characterised in that 

the rules (5) comprised in the active part (3) com- 
prise information (5') how often the content (1 ) com- 
prised in the passive part (2) is allowed to be de- 
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crypted and how often the content (1) connprised in 
the passive part (2) has already been decrypted. 

12. Copy protected digital data according to one of the 
preceding clainns, 

characterised in tliat 

the rules (5) connprised in the active part (3) com- 
prise information (5") how long the content (1 ) com- 
prised in the passive part (2) is allowed to be de- 
crypted. 

13. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the rules (5) comprised in the active part (3) com- 
prise information (5"') how often the content (1) 
comprised in the passive part (2) is allowed to be 
lend and how often the content (1 ) comprised in the 
passive part (2) has already been lend. 

14. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the active content (8) constitutes a data file opera- 
ble by an operating system. 

15. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the active part (3) is adapted to separate the pas- 
sive part (2) from the active content (8) for decryp- 
tion of the content (1 ) comprised in the passive part 
(2). 

16. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the hidden part (6) automatically is allocated to the 
active content (8) and/or the active part (3) of the 
active content (8) and/or the passive part (2) of the 
active content (8) by an operating system (9). 

17. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the hidden part (6) is stored in a system file (10) of 
an operating system (9). 

18. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the hidden part (6) is stored in encrypted form. 

19. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the hidden part (6) further comprises information 
(7') about the location of the active content (8) and/ 



or the active part (3) of the active content (8) and/ 
or passive part (2) of the active content (8). 

20. Copy protected digital data according to one of the 
5 preceding claims, 

characterised in that 

the information (7, 7') comprised in the hidden part 
(6) automatically is changed by an operating sys- 
tem (9) to build an amended hidden part (6*) each 
10 time the active content (8) and/or the active part (3) 
of the active content (8) and/or the passive part (2) 
of the active content (8) and/or the content (1 ) com- 
prised in the passive part (2) of the active content 
(8) is read out and/or amended and/or stored. 

15 

21. Copy protected digital data according to one of the 
preceding claims, 

characterised in that 

the encrypted content (1) comprised in the passive 
20 part (2) is digitised audio data and/or digitised video 
data and/or digitised picture date and/or a database 
and/or a software and/or digitised text. 

22. Recording medium (1 1 ) or consumer electronic de- 
25 vice or personal computer comprising copy protect- 
ed digital data according to one of the preceding 
claims. 

23. IVlethod of reproducing a copy protected digital data 
30 comprising 

a passive part (2) comprising content (1 ) to be 

protected in encrypted form; 

an active part (3) comprising information (4) 



35 how to decrypt the content (1) comprised in the 

passive part (2); and 
a hidden part (6); 

wherein 

40 the active part (3) and the corresponding passive 
part (2) constitute an active content (8), 
the hidden part (6) is allocated to the active content 
(8) and/or the active part (3) of the active content 
(8) and/or the passive part (2) of the active content 

45 (8), the hidden part (6) comprising information (7) 
about properties of the respective active content (8) 
and/or respective active part (3) and/or the respec- 
tive passive part (2), and 

the active part (3) of the active content (8) further 
50 comprises rules (5) to allow and/orforbid decryption 
of the content (1 ) comprised in the passive part (2) 
of the active content (8) based on the Information 
(7) comprised in the hidden part (6); 
the method comprising the following steps: 

55 

(SI) reading out the information (7) comprised 
in the hidden part (6) of the copy protected dig- 
ital data; 
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(52) comparing said information (7) with tlie 
rules (5) comprised in the corresponding active 
part (3) of the active content (8); 

(53) denying decryption of the content (1 ) com- 
prised in the passive part (2) of the active con- 5 
tent (8) if the information (7) read out from the 
hidden part (6) does not comply with the rules 

(5) and temninating the method; 

(54) loading the encrypted content (1) com- 
prised in the passive part (2) of the active con- io 
tent (8) if the information (7) read out from the 
hidden part (6) complies with the rules (5); 

(55) performing decryption of the encrypted 
content (1); and 

(56) reproducing decrypted content (1'). is 



(2) is performed. 

28. Software product comprising a series of state ele- 
ments which are adapted to be processed by a data 
processing means such, that a method according 
to one of the claims 23 to 27 may be executed ther- 
eon. 



24. Method according to claim 23, 
characterised in that the method further compris- 
es the steps of 

20 

(S7) deleting the passive part (2); 

(SB) encrypting the decrypted content (1 ') after 

reproduction; and 

(S9) storing the encrypted content (1) into a 
new passive part (2*). 25 

25. Method according to claim 24, characterised in 
that 

the step (S6) of reproducing the decrypted content 
(1'), the step (87) of deleting the passive part (2) 30 
and the step (S8) of encrypting the decrypted con- 
tent (1') after reproduction are performed in real 
time during reproduction of the decrypted content 

35 

26. Method according to claim 23 24or 25, 
characterised in that the method further compris- 
es the step of 

(S10) automatically amending the hidden part 40 
(6) by control of an operating system (9) to built 
an amended hidden part (6*) each time the ac- 
tive content (8) and/or the active part (3) of the 

active content (8) and/or the passive part (2) of 
the active content (8) and/or the content (1) 45 
comprised in the passive part (2; 2*) of the ac- 
tive content (8) is read and/or amended and/or 
stored. 



27. Method according to claim 23, 24, 25 or 26, so 
characterised In that the method further compris- 
es the step of 

(S11) automatically amending the active part 
(3) of the active content (8) by control of the ac- 55 
tive part (3) of the active content (8) to build an 
amended active part (3*) each time decryption 
of the content (1 ) comprised in the passive part 
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